Info |
---|
This article includes updates for Certificate Manager 8.1011. |
...
The shaded objects show the foundation of the Certificate Manager PKI environment, which is created in the bootstrap procedure.
...
Use the key
Officer and system CA key
created in the previous step, to create an Officer and System CA, according to Create CA in Certificate Manager.In CA Authority name, enter
Officer and system CA
.Do the following selections in the CA Authority Request dialog box:
Issuing CA - select Self-signed
Usage - Certificate signing
Format - self-signed ca-cert
Country - current country
Common name - Officer and system CA
Organization - current organization
...
Issue a software token based on the token procedure for TLS and PIN encryption, according to Issue software token in Certificate Manager.
Name the file tls.p12.
Make a note of the assigned PIN code.
Save the file to a removable media for use in later tasks.
Elliptic Curve keys using Brainpool curves are not supported for TLS.
Issue software token for PIN encryption
...
After removing this CA key, any procedures created with the Boot CA key can no longer be used and CIS log entries signed with this key can no longer be verified.
...
Additional information
Expand | ||
---|---|---|
| ||
The following tasks are done during the bootstrapping procedure. In Administrator's workbench (AWB): Using hwsetup: In Key Generation System: |